87 lines
2.3 KiB
Nix
87 lines
2.3 KiB
Nix
{
|
|
flake,
|
|
lib,
|
|
config,
|
|
pkgs,
|
|
...
|
|
}:
|
|
with lib; let
|
|
psCfg = config.pub-solar;
|
|
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
|
|
|
dataDir = "${xdg.dataHome}/Paperless";
|
|
backupDir = "${xdg.dataHome}/PaperlessBackup";
|
|
consumptionDir = "/home/${psCfg.user.name}/.local/share/scandir";
|
|
in {
|
|
services.paperless = {
|
|
enable = true;
|
|
user = psCfg.user.name;
|
|
consumptionDir = consumptionDir;
|
|
dataDir = dataDir;
|
|
address = "127.0.0.1";
|
|
extraConfig = {
|
|
PAPERLESS_OCR_LANGUAGE = "nld+deu";
|
|
PAPERLESS_ADMIN_USER = psCfg.user.name;
|
|
PAPERLESS_AUTO_LOGIN_USERNAME = psCfg.user.name;
|
|
PAPERLESS_URL = "https://paperless.b12f.io";
|
|
};
|
|
};
|
|
|
|
hardware.sane = {
|
|
enable = true;
|
|
extraBackends = [pkgs.hplipWithPlugin];
|
|
};
|
|
|
|
users.users."${psCfg.user.name}".packages = with pkgs; [
|
|
scan2paperless
|
|
sane-backends
|
|
python310Packages.img2pdf
|
|
];
|
|
|
|
home-manager.users."${psCfg.user.name}" = {
|
|
home.sessionVariables = {
|
|
SCANNER_OUTPUT_DIR = consumptionDir;
|
|
};
|
|
systemd.user.sessionVariables = {
|
|
SCANNER_OUTPUT_DIR = consumptionDir;
|
|
};
|
|
};
|
|
|
|
services.caddy = {
|
|
enable = true;
|
|
extraConfig = ''
|
|
paperless.b12f.io {
|
|
request_header Host localhost:${builtins.toString config.services.paperless.port}
|
|
reverse_proxy 127.0.0.1:${builtins.toString config.services.paperless.port}
|
|
}
|
|
'';
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [
|
|
"d '${backupDir}' 0700 ${psCfg.user.name} users - -"
|
|
];
|
|
|
|
age.secrets."rclone-pie.conf" = {
|
|
file = "${flake.self}/secrets/rclone-pie.conf";
|
|
path = "/root/.config/rclone/rclone.conf";
|
|
mode = "600";
|
|
};
|
|
|
|
age.secrets."restic-password.age" = {
|
|
file = "${flake.self}/secrets/restic-password.age";
|
|
mode = "600";
|
|
};
|
|
|
|
services.restic.backups = {
|
|
paperless = {
|
|
paths = [ backupDir ];
|
|
initialize = true;
|
|
passwordFile = config.age.secrets."restic-password.age".path;
|
|
# See https://www.hosting.de/blog/verschluesselte-backups-mit-rclone-und-restic-in-nextcloud/
|
|
repository = "rclone:cloud.pub.solar:/backups/Paperless";
|
|
backupPrepareCommand = "${dataDir}/paperless-manage document_exporter ${backupDir} -c -p";
|
|
rcloneConfigFile = config.age.secrets."rclone-pie.conf".path;
|
|
};
|
|
};
|
|
}
|